What is Windows registry (Registry Keys)

  • Thread starter Thread starter Omar Abid
  • Start date Start date
O

Omar Abid

Find this tutorial and more on http://thedotnetsource.blogspot.com
Reason of this project:
I wrote this tutorial in order to help the hundred of programers
searching on the web for Windows registry.
This is an like introduction, if you are seeking how to use and deploy
the registry keys with Vb.net, just see the next tutorial (It'll be
tutorial 6).
In this tutorial I'll show what is the windows registry system and why
use it.

Project details:
1- What is Windows registry and why use it
2- How to read, write and change the registry
3- HIVES and their use
4- Defenition of registry values

1- What is Windows registry and why use it.

You can compare the Windows registry to a database. It stores
informations related to Windows and other installed application on
your system, but also Hardware.
Think now if someone need to change the computer name via programming.
How can he do this?
Programmers can think of files (text files) to store the computer and
windows information. But when file get big and heavy, Database will be
more secure. And then they had (Windows builder) the choice of a
database "Windows Registry".
Microsoft Dot Net Frame 1.1 and higher have implemented a great
solution for registry on their classes. This will replace the hard
work and long lines of code that programmers have to write if they are
using Visual Studio 6.0 for example.

2- How to read, write and change the registry

Windows has a wonderful tool on it, named "Registry Editor". But you
won't find it, unless you open the System32 folder on the Windows
folder.
But we can easily run it throught the execute command it the start
menu. Just type "regedit" (without quotes).
Now the registry editor will open.
Please before doing any changes on your registry make a backup.
To do a windows registry backup: File > Export > Give a name for the
file and select the All option box.
The backup may block your pc from working for a short period of time.
You'll see that there are 5 folder. Those are the main folder (named
hives) and you can't add another main folder.
Now you can select any folder and right click on it, then add a new
sub-folder or value.
By selecting any folder and right clicking, you'll find a list of
action that you can do.
If the action is blended (made not selectable), then either it's
impossible or you don't have the rights to do this action.
You need administrator rights to change registry keys.

3- HIVES (main registry folders) and their use

The registry is split into a number of logical sections named "hives",
those are the top main folder that can added, edited or renamed.
They all start with "HKEY" prefix.

HKEY_CLASSES_ROOT
Stores information about registered applications, such as Associations
from File Extensions and OLE Object Class ID's tying them to the
applications used to handle these items.
HKEY_CURRENT_USER
Stores settings that are specific to the currently logged-in user. The
HKCU key is a link to the subkey of HKEY_USERS that corresponds to the
user; the same information is reflected in both locations. On Windows-
NT based systems, each users' settings are stored in their own files
called NTUSER.DAT and USRCLASS.DAT inside their own documents and
settings subfolder.
HKEY_LOCAL_MACHINE
Abbreviated HKLM, HKEY_LOCAL_MACHINE stores settings that are general
to all users on the computer. On NT-based versions of Windows, HKLM
contains four subkeys, SAM, SECURITY, SOFTWARE and SYSTEM, that are
found within their respective files located in the %SystemRoot%
\System32\Config folder. A fifth subkey, HARDWARE, is volatile and is
created dynamically, and as such is not stored in a file. Information
about system hardware drivers and services are located under the
SYSTEM subkey, whilst the SOFTWARE subkey contains software and
windows settings.
HKEY_USERS
Contains subkeys corresponding to the HKEY_CURRENT_USER keys for each
user registered on the machine.
HKEY_CURRENT_CONFIG
Contains information gathered at runtime; information stored in this
key is not permanently stored on disk, but rather regenerated at boot
time.

4- Defenition of registry values

Binary Value
REG_BINARY
Raw binary data. Most hardware component information is stored as
binary data and is displayed in Registry Editor in hexadecimal
format.
DWORD Value
REG_DWORD
Data represented by a number that is 4 bytes long (a 32-bit integer).
Many parameters for device drivers and services are this type and are
displayed in Registry Editor in binary, hexadecimal, or decimal
format. Related values are DWORD_LITTLE_ENDIAN (least significant byte
is at the lowest address) and REG_DWORD_BIG_ENDIAN (least significant
byte is at the highest address).
Expandable String Value
REG_EXPAND_SZ
A variable-length data string. This data type includes variables that
are resolved when a program or service uses the data.
Multi-String Value
REG_MULTI_SZ
A multiple string. Values that contain lists or multiple values in a
form that people can read are generally this type. Entries are
separated by spaces, commas, or other marks.
String Value
REG_SZ
A fixed-length text string.
Binary Value
REG_RESOURCE_LIST
A series of nested arrays that is designed to store a resource list
that is used by a hardware device driver or one of the physical
devices it controls. This data is detected and written in the
\ResourceMap tree by the system and is displayed in Registry Editor in
hexadecimal format as a Binary Value.
Binary Value
REG_RESOURCE_REQUIREMENTS_LIST
A series of nested arrays that is designed to store a device driver's
list of possible hardware resources the driver or one of the physical
devices it controls can use. The system writes a subset of this list
in the \ResourceMap tree. This data is detected by the system and is
displayed in Registry Editor in hexadecimal format as a Binary Value.
Binary Value
REG_FULL_RESOURCE_DESCRIPTOR
A series of nested arrays that is designed to store a resource list
that is used by a physical hardware device. This data is detected and
written in the \HardwareDescription tree by the system and is
displayed in Registry Editor in hexadecimal format as a Binary Value.
None
REG_NONE
Data without any particular type. This data is written to the registry
by the system or applications and is displayed in Registry Editor in
hexadecimal format as a Binary Value
Link
REG_LINK
A Unicode string naming a symbolic link.
QWORD Value
REG_QWORD
Data represented by a number that is a 64-bit integer. This data is
displayed in Registry Editor as a Binary Value and was introduced in
Windows 2000.

This tutorial doesn't contain any source.
See http://thedotnetsource.blogspot.com for the lastet tutorials and
updates.

The Zip file contains:
-The readme.txt file
-The tutorial.txt file

Still have question:
Go to our blog (http://thedotnetsource.blogspot.com). Select the
tutorial post. Post a comment describing your problem.
 
Back
Top